London Hospitals Were Attacked By Russian Hackers

A parliamentary committee issued a clear warning about the risk of a “catastrophic” ransomware attack months before Russian state -protected  hackers, known as Qilin, struck the National Health Service (NHS). 

Leading London hospitals -Guy's and St Thomas' and King's College - have both been affected by the attack on the pathology services provider Synnovis by the Russian cyber criminal group Qilin

Other London hospitals which have been severely impacted by the attack include the Royal Brompton, and Evelina Children’s Hospital. South London and Maudsley NHS Trust, which provides community and mental health services has also been heavily disrupted.

Qilin shared almost 400GB of private information on their darknet site, something they threatened to do in order to extort money from Synnovis. The result is that these hospitals are running at reduced capacity because of delays to processing vital blood, urine and tissue tests.

The NHS is “particularly vulnerable” and Britain is unprepared for the “high risk” of a major cyber hack,  the parliamentary Joint Committee on National Security Strategy (JCNSS) told the Government.

Russian Hacking Groups

While the syndicate od Russian state-protected hackers is though to comprise more than 100 individual groups, is not under the direct control of the Russian Government. However, its members enjoy safe haven in the country and are seen by Moscow as a useful tool of cyber warfare and global disruption.

According the JCNSS,  the NHS was operating with “crumbling IT services and a lack of investment”, including “IT systems that are out of support or have reached the end of their lifecycle”. This put it in a “particularly difficult position to protect itself from cyber-attacks”.

Home Office ministers and officials have prioritised policy over the threat of ransomware as a national security risk and the Home Office leads on the risks of cyber security but responsibility for this should be transferred to the Prime Minister's Cabinet Office. “There is a high risk that the Government will face a catastrophic ransomware attack at any moment, and that its planning will be found lacking. If the UK is to avoid being held hostage to fortune, it is vital that ransomware becomes a more pressing political priority, and that more resources are devoted to tackling this pernicious threat to the UK’s national security,” the report said. 

In response to the report, the Government said it was making tackling ransomware a priority in an effort to raise the cyber resilience of the UK, and its critical national infrastructure. It pledged further investment and to work with industry and international partners to pursue criminal groups who conduct attacks.

The British Government claims to have spent over £338m on increasing the resilience of NHS systems to protect it from hacks, and in 2023 launched the UK’s Cyber Strategy to set minimum standards of cyber security to help defend critical infrastructure. NHS England said it had set up a helpline to support people impacted by the attack and it will continue to share updates, but "investigations of this type are complex and take time".

The British National Crime Agency (NCA) which leads the UK’s response to cyber crime, was described as being “locked in an uphill struggle against the ransomware threat, with insufficient resources and capabilities to match the scale of this challenge”. The NCA is also reported to be considering the possibility of taking retaliatory action against Qilin.

DigitalHealth   |     The Record   |    Telegraph   |    inews   |    BBC   |    Guardian   |   Independent   | 

Image: Suraphat Nuea-on

You Might Also Read: 

Russia’s Nation-State Hackers: A Serious Threat To Global Security


If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

« RCE Vulnerability In OpenSSH Server
Treading A Safe Path - Navigating Hidden Ransomware Risks »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

SSH Communications Security

SSH Communications Security

SSH Communications Security is a leading provider of enterprise cybersecurity solutions for controlling trusted access to information systems and data.

Federal Office For Information Security (BSI)

Federal Office For Information Security (BSI)

The BSI (Bundesamt fur Sicherheit in der Informationstechnik) is the federal cyber security agency and the chief architect of secure digitalisation in Germany.

FAMOC

FAMOC

FAMOC is an enterprise mobile management solution that delivers comprehensive security and management for applications, documents, email, and mobile devices.

CIRT.GY

CIRT.GY

CIRT-GY is the national Computer Incident Response Team for Guyana.

Cyber Security Research Centre - University of Cardiff

Cyber Security Research Centre - University of Cardiff

Cardiff University's Centre for Cyber Security Research is a leading UK academic research unit for cyber security analytics.

IoT Now

IoT Now

IoT Now explores the evolving opportunities and challenges facing CSPs, and we pass on some lessons learned from those who have taken the first steps in next gen IoT services.

Cyberra Legal Services (CLS)

Cyberra Legal Services (CLS)

Cyberra Legal Services provides cyber law advisory, cyber crime consultancy, cyber law compliance audit, cyber security, cyber forensics and cyber training services.

Ergon Informatik

Ergon Informatik

Ergon Informatik AG is Switzerland's leading provider of customised software solutions and software products including fraud detection and the Airlock web security suite.

SBD Automotive

SBD Automotive

SBD Automotive are specialists in automotive technology providing independent research and consultancy to help create smarter, more secure, better connected, and increasingly autonomous cars.

Jerusalem Venture Partners (JVP)

Jerusalem Venture Partners (JVP)

JVP’s Center of Excellence in Be’er Sheva aims to identify, nurture and build the next wave of cyber security and big data companies to emerge out of Israel.

Silent Sector

Silent Sector

Silent Sector is a cybersecurity services company that specializes in providing a wide range of managed security services.

Nukke

Nukke

Nukke offers advanced cybersecurity software and tailored solutions for your business.

Databarracks

Databarracks

Databarracks deliver award winning IT resilience and continuity services. We help organisations get the most out of the cloud and protect their data, wherever it lives.

ITButler e-Services

ITButler e-Services

At IT Butler, our mission is crystal clear: we are dedicated to providing top-tier cybersecurity solutions and best-practice methodologies to secure and enhance your digital infrastructure’s resilienc

DataPatrol

DataPatrol

DataPatrol is a software company, specialized in providing Security and Privacy of company’s data and information in an evolved way.

Thero6

Thero6

Thero6 develop dynamic financial analysis algorithms that help prevent coin collapses and theft of cryptocurrency funds by identifying the transaction absolutely throughout the chain.